Language Selection

English French German Italian Portuguese Spanish

Microsoft, Linux vendors slow to fix flaw

Filed under
Security

Colin Percival detailed the vulnerability -- which affects versions of Intel's CPU that use a technology called hyper-threading -- at a conference on May 13.

The vulnerability could allow hackers to steal sensitive information such as passwords on servers configured to allow multiple users to login simultaneously.

The FreeBSD security team member has received formal responses to the issue from the makers of the BSD family of open-source operating systems, as well as SCO and Ubuntu Linux. However, Linux vendors Red Hat, Novell and Mandriva as well as Microsoft have been slow to act.

"Given that I reported this problem in early March, I really think that they [Microsoft and Linux vendors] should have had a patch over a month ago -- in time to test it extensively before releasing it on May 13th," Percival told ZDNet Australia .

"I made it quite clear to everyone that I would be releasing my paper on that date and that they should make sure they were ready by then," he added.

Although the problem only affects multi-user servers, these machines are widely used. "The most obvious example is shared Web servers, which constitutes the vast majority of small e-commerce sites," he said. "On these systems the flaw is very serious."

Full Story.

More in Tux Machines

Here’s How to Create the Perfect Ubuntu Origami Unicorn - Video

After announcing last week the Ubuntu Origami Unicorn contest, which can bring an awesome new BQ Aquaris E4.5 Ubuntu Edition phone to a user that folds the best-looking Unicorn, today Canonical decided that it’s finally time to show the world how to make the perfect origami unicorn. Read more Also: Canonical Eyes Telecom, NFV Innovation with Ericsson Cloud Partnership

Docker 1.6 Coming April 7

Some of the big additions set to debut in Docker 1.6 will be a native Windows client. Building Docker images will also get a boost with the ability to building images from an image ID as well as having the ability to impose constraints (memory etc) on images. Read more Also: Could Docker replace package management?

Linux Mint Needs a Huge, Modern Overhaul, More Artists and Web Developers Are Needed

We’ve announced earlier today, March 30, that the Linux Mint developers have released their monthly newsletter where they’ve reported the changes implemented in the upcoming releases of the LMDE 2 (Linux Mint Debian Edition), dubbed Betsy, as well as the Linux Mint 17.2 (Rebecca) operating systems. Read more

Creating a Unified Ubuntu Experience

On it's own, Ubuntu is a solid desktop Linux experience. It offers ample application choices and it's easy to use. But one area I would like to see greater focus is mirroring one desktop to another. That is, being able to find the same documents and other files I use on both desktop machines. In this article I'll explore options I've found useful in creating a unified Ubuntu Experience. Read more Also: The big lesson from Ubuntu, Windows and Coca Cola